The U.S. Maritime Transportation System (MTS), handling over $5.4 trillion in annual goods and services, faces significant cybersecurity vulnerabilities amid increasing threats from foreign actors and criminal organizations.
A new Government Accountability Office (GAO) report reveals substantial gaps in the Coast Guard’s ability to protect critical maritime infrastructure from cyber threats. The report highlights that while the Coast Guard provides oversight through facility and vessel inspections, it struggles to access complete information on cybersecurity-related inspection results.
“The Coast Guard cannot readily access complete information on inspection results specific to cybersecurity from its system of record,” the report states, indicating a significant oversight challenge.
The investigation identified China, Iran, North Korea, Russia, and transnational criminal organizations as the primary cyber threats to the MTS. The increasing reliance on technology in maritime facilities and vessels has created new vulnerabilities to cyberattacks.
The timing of this report is particularly relevant given recent developments in maritime security. In November, the Coast Guard issued MARSEC Directive 105-5, specifically addressing cybersecurity concerns related to Chinese-manufactured ship-to-shore cranes.
The directive was prompted by alarming findings that Chinese-manufactured cranes dominate approximately 80% of U.S. port infrastructure, with Shanghai Zhenhua Heavy Industries (ZPMC) maintaining the majority share.
Security concerns intensified after the FBI discovered intelligence collection devices on ZPMC cranes at the Port of Baltimore, along with evidence of unauthorized cellular modem installations and attempts to gain remote access to U.S. port facilities.
To address these challenges, the GAO has issued five key recommendations, including improving cybersecurity incident tracking, enhancing access to deficiency data, strengthening cybersecurity strategy, and developing comprehensive workforce competency requirements.
While the Coast Guard has developed a cyber strategy, the GAO found it falls short of meeting all key characteristics needed for an effective national strategy. Additionally, the agency has not fully developed competency requirements for its cyber workforce or addressed existing competency gaps.
As cyber threats continue to evolve, these findings underscore the urgent need for improved maritime cybersecurity measures to protect one of America’s most critical infrastructure sectors.
Join the gCaptain Club for curated content, insider opinions, and vibrant community discussions.
Join the 108,940 members that receive our newsletter.
Have a news tip? Let us know.
Chinese retaliation to US tariffs will hit the “low-margin” agricultural sector the hardest, and White House officials haven’t grasped the full impact, say experts.
Russia’s first home-built Arc6 ice-class oil tanker continues its voyage from the Zvezda shipyard in the Far East to its service area in the Arctic. After a month at sea the 69,000 dwt Valentin Pikul passed through the Suez Canal on Monday, now displaying Murmansk above the Arctic Circle as its destination.
The US-flagged Stena Immaculate, carrying 220,000 barrels of Jet-A1 fuel, had at least one of its cargo tanks ruptured after it was struck by a containership off the UK coast...
Maritime and offshore news trusted by our 108,940 members delivered daily straight to your inbox.
Essential news coupled with the finest maritime content sourced from across the globe.
Sign Up
Join The Club
